Jennifer Granick fights for civil liberties in an age of massive surveillance and powerful digital technology. As the new surveillance and cybersecurity counsel with the ACLU's Speech, Privacy and Technology Project, she litigates, speaks, and writes about privacy, security, technology, and constitutional rights. Granick is the author of the bookAmerican Spies: Modern Surveillance, Why You Should Care, and What To Do About It, published by Cambridge Press and winner of the 2016 Palmer Civil Liberties Prize.

Granick spent much of her career helping create Stanford Law School’s Center for Internet and Society. From 2001 to 2007, she was Executive Director of CIS and founded the Cyberlaw Clinic, where she supervised students in working on some of the most important cyberlaw cases that took place during her tenure. For example, she was the primary crafter of a 2006 exception to the Digital Millennium Copyright Act which allows mobile telephone owners to legally circumvent the firmware locking their device to a single carrier. From 2012 to 2017, Granick was Civil Liberties Director specializing in and teaching surveillance law, cybersecurity, encryption policy, and the Fourth Amendment. In that capacity, she has published widely on U.S. government surveillance practices, and helped educate judges and congressional staffers on these issues. Granick also served as the Civil Liberties Director at the Electronic Frontier Foundation from 2007-2010. Earlier in her career, Granick spent almost a decade practicing criminal defense law in California.

Granick’s work is well-known in privacy and security circles. Her keynote, "Lifecycle of a Revolution" for the 2015 Black Hat USA security conference electrified and depressed the audience in equal measure. In March of 2016, she received Duo Security’s Women in Security Academic Award for her expertise in the field as well as her direction and guidance for young women in the security industry. Senator Ron Wyden (D-Ore) has called Granick an "NBA all-star of surveillance law.”

Over at Just Security, I have a new piece on the Washington Post's interesting story about the increasingly aggressive role some federal magistrate judges are playing in policing criminal investigations involving digital media.

Today the Fourth Circuit refrained from deciding the first legal challenge to government seizure of the master encryption keys that secure our communications with web sites and email servers. Nevertheless, the Court upheld contempt of court sanctions, because of the Lavabit owner’s foot dragging during proceedings. Lavabit had failed to raise the substantive issues below, it decided, thus precluding appellate review.

Today I filed comments with the Privacy and Civil Liberties Oversight Board (PCLOB) in connection with its hearing on section 702 of the FISA Amendments Act. That law is the legal basis for the PRISM surveillance program and involves warrantless collection of communications contents via targeting non-U.S. individuals or entities reasonably believed to be located abroad. I've written previously about questions the PCLOB should investigate with regards to section 702.

Today, the European Court of Justice struck down the European Union’s 2006 Data Retention Directive. That policy required member states to force communications companies to store citizens' telecommunications data for six to 24 months.

Last week, the New York Times reported that the U.S. is spying on router company Huawei to get information about the Chinese government and to learn how to surveil our allies and other countries that might purchase Huawei routers. On Just Security, I refute the argument of some that it is not “in the public interest to reveal how democracies spy on dictatorships”.

Pages

Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.

Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.

Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.

After the Estate of James Joyce refused to allow a scholar to quote Joyce in her book, we successfully defended her right under the fair use doctrine to use the quotes she needed to illustrate her scholarship. After we prevailed in the case, the Estate paid $240,000 of our client’s legal fees.

Pages

This post is the latest installment of our “Monday Reflections” feature, in which a different Just Security editor examines the big stories from the previous week or looks ahead to key developments on the horizon.

In the wake of a recent appellate court’s decision that the NSA’s domestic dragnet collection of phone call records is illegal, political support for maintaining the legal provision that the government used to justify the program has all but vanished. For the first time in a dozen years, we have a real chance at ending one of the most abused and misused parts of US surveillance law. Congress should allow section 215 of the USA PATRIOT Act to expire.

Last week’s dramatic Second Circuit decision in ACLU v. Clapper, invalidated the alleged legal basis for the NSA domestic phone call dragnet, Section 215 of the USA Patriot Act, just weeks before that provision is about to expire.

Pages

"“YouTube as a private company is well within its rights,” said Jennifer Granick, a speech and technology expert at the American Civil Liberties Union. But “YouTube will make mistakes, and over-censor.”"

"Jennifer Granick, a surveillance and cybersecurity counsel with the ACLU, explains that the purpose of the law “isn’t necessarily to protect the tech companies, but to protect the American people in having a platform where you can post information and post our stories, because if the platforms were liable for information that their users publish, then they wouldn’t be able to publish that information. They would have to go through some kind of advanced review process.”"

"In a Stanford CIS blog post, Pfefferkorn said she found hope in the opinion. “For one, the court rejected the government’s unfounded attempt to argue that we lack standing to seek to unseal these records at all,” she wrote. “It is well-established that members of the public have standing to seek to unseal sealed court records, and the court refused to depart from that settled law.

"Jennifer Granick, surveillance and cybersecurity counsel for the American Civil Liberties Union, told USA TODAY Sports that delayed-notice warrants often lack guidelines to protect bystanders caught during surveillance under a provision of the Patriot Act.

"“Normally we think of the judiciary as being the overseer, but as the technology has gotten more complex, courts have had a harder and harder time playing that role,” said Jennifer Granick, surveillance and cybersecurity counsel at the American Civil Liberties Union. “We’re depending on companies to be the intermediary between people and the government.”"

Because of Edward Snowden’s remarkable public service, we know that the National Security Agency, with the cooperation of some large firms, has amassed an unprecedented database of personal information. The ostensible goal in collecting that information is to protect national security. The effect, according to Reed Hundt, is to undermine democracy.

Pages

Jennifer Granick talks about how notions of privacy have changed over the years and where she thinks things are headed in the future. She is a professor at the Stanford School of Law and Director of Civil Liberties at the Center for Internet and Society, where she specializes in the intersection of engineering, privacy and the law.

What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).

In this week's feature interview we're chatting with Stanford's very own Jennifer Granick about a recent ruling in a Virginia court that appears to give the FBI permission to hack into any computer it wants, sans warrant. Well that's what the headlines are screaming, anyway. But as you'll hear, it's not quite that black and white.

""What was remarkable was that the public hadn't seen the argument surfaced," says Jennifer Granick at the Stanford Center for Internet and Society. She says Judge Orenstein was trying to stoke a public debate. "Judge Orenstein had concerns about whether the government's legal argument was a valid legal argument."